504891 : Default password on Netgear DG834G router

Risk 4 : Miscellaneous

A remote attacker could gain access to the device, allowing him or her to cause a denial of service, change the configuration, install malicious firmware, or gain unauthorized access to the internal network.

Routers and other networking devices often contain administrative interfaces to allow the network administrator to make configuration changes or diagnose problems remotely. The Telnet, FTP, and HTTP protocols are commonly used to provide such interfaces. It is usually necessary to provide a password in order to access the device.

12/03/09

Some devices are shipped with known default passwords. If these devices are installed in an operational environment with the default passwords still in place, they provide a remote attacker with an easy way to gain access to the device. Once access has been gained, the attacker could create a denial of service, make unauthorized configuration changes, install malicious firmware, or route packets to machines on the internal network which would otherwise be blocked by the router.

Related CVE entries: CVE 2001-1543 Axis network camera CVE 2002-1229 Avaya Cajun switches CVE 2002-1440 Gateway GS-400 CVE 2002-2020 NetGear Cable/DSL router CVE 2004-1320 Asante FM2008 CVE 2004-1321 Asante FM2008 CVE 2004-1791 Edimax WAP CVE 2004-1920 X-Micro WLAN Routers CVE 2004-2556 NetGear WG602 CVE 2004-2557 NetGear WG602 additional CVE 2005-0865 Samsung ADSL modem CVE 2005-2026 Vertical Horizon switch CVE 2005-3717 UTStarcom VoIP WIFI Phone CVE 2009-0620 Cisco ACE CVE 2009-0621 Cisco ACE

Walter Belgers' paper, [http://www.belgers.com/write/pwseceng.txt] UNIX password security, is a good reference on strengthening passwords. Although it focuses on UNIX, the password guidelines presented in this paper are applicable to all devices.

Specific information is available for [http://www.securityfocus.com/archive/1/203022] ZyXEL Prestige routers, [http://archives.neohapsis.com/archives/bugtraq/2002-08/0126.html] Gateway GS-400, [http://online.securityfocus.com/archive/1/295256] Avaya switches, [http://www.securityfocus.com/archive/1/360049] X-Micro WLAN routers, [http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0049.html] NetGear WG602 Accesspoint, [http://slashdot.org/it/04/06/08/1319206.shtml?tid=126&tid=172] NetGear WG602 Accesspoint change, [http://www.securityfocus.com/archive/1/365685] Edimax WAP, [http://www.securityfocus.com/archive/1/371575] NetGear DG834G, [http://www.securityfocus.com/archive/1/372643] Axis, [http://archives.neohapsis.com/archives/bugtraq/2004-09/0033.html] Dynalink RTA 230, [http://www.securityfocus.com/archive/1/384493] Asante FM2008 switch, [http://www.securityfocus.com/archive/1/403029] Vertical Horizon switch, [http://secunia.com/advisories/17629] UTStarcom VoIP WIFI Phone, [http://www.securityfocus.com/bid/33900] Cisco ACE, and [http://www.securityfocus.com/archive/1/507263] 3Com OfficeConnect.

Solution:

Change the password to something other than the default. A recommended password would be one which is at least eight characters long, contains both letters and numbers, and is not based on any associated information such as account names, user's names, or DNS names.

If the password cannot be changed, contact your vendor for a firmware fix, or block access to all affected services at the network perimeter.

08/26/02 NOTE: In some cases, notably the Gateway GS-400 server vulnerability, changing the password may void the manufacturer's warranty.

CVSS Information:
Low Attack Complexity, Partial Confidentiality Impact, Partial Integrity Impact, Complete Availability Impact
Credit:
Saint Coorporation : 2010-06-10
New Search
Keywords
Risk Factor
Start Date
End Date
Browse